Dr. Stephen Henson [Tue, 22 Mar 2005 17:55:33 +0000 (17:55 +0000)]
Doc fixes.
Nils Larsch [Tue, 22 Mar 2005 17:55:18 +0000 (17:55 +0000)]
test, remove unnecessary const cast
Dr. Stephen Henson [Tue, 22 Mar 2005 14:11:06 +0000 (14:11 +0000)]
Ensure (SSL_RANDOM_BYTES - 4) of pseudo random data is used for server and
client random values.
Richard Levitte [Mon, 21 Mar 2005 13:52:12 +0000 (13:52 +0000)]
There are cases when there are no files left to verify. Make sure to
handle that properly.
Nils Larsch [Sun, 20 Mar 2005 23:12:13 +0000 (23:12 +0000)]
add new curves to the loop (with some cleanup from me)
Submitted by: Jean-Luc Duval
Reviewed by: Nils Larsch
Nils Larsch [Sun, 20 Mar 2005 22:56:07 +0000 (22:56 +0000)]
some const fixes
Ulf Möller [Sat, 19 Mar 2005 11:39:17 +0000 (11:39 +0000)]
Use Windows randomness code on Cygwin
Ulf Möller [Sat, 19 Mar 2005 11:13:30 +0000 (11:13 +0000)]
fix breakage for Perl versions that do boolean operations on long words
Ulf Möller [Sat, 19 Mar 2005 10:19:45 +0000 (10:19 +0000)]
typo
Richard Levitte [Mon, 14 Mar 2005 15:39:25 +0000 (15:39 +0000)]
Added HOWTO about proxy certificates.
Bodo Möller [Sun, 13 Mar 2005 19:49:47 +0000 (19:49 +0000)]
"make depend". This takes into account the algorithms that are now
disabled by default (MDC2 and RC5), which until now were skipped
by "make links" and yet supposedly required by some of the Makefiles,
meaning that the recent snapshots failed to compile.
Problem reported by Nils Larsch.
Bodo Möller [Sun, 13 Mar 2005 19:46:58 +0000 (19:46 +0000)]
It seems that Configure revision 1.404 broke "make depend" by hiding
from it which algorithms were disabled. With these new changes,
"make depend" will properly take into account algorithms that are skipped.
Andy Polyakov [Sat, 12 Mar 2005 11:28:41 +0000 (11:28 +0000)]
Cygwin to use DSO_FLFCN and mingw to use DSO_WIN32.
Andy Polyakov [Sat, 12 Mar 2005 09:12:44 +0000 (09:12 +0000)]
Avoid re-build avalanches with HP-UX make.
Bodo Möller [Fri, 11 Mar 2005 09:01:24 +0000 (09:01 +0000)]
fix potential memory leak when allocation fails
PR: 801
Submitted by: Nils Larsch
Bodo Möller [Wed, 9 Mar 2005 19:08:02 +0000 (19:08 +0000)]
Fix typo
PR: 1017
Submitted by: ciresh@yahoo.com
Reviewed by: Nils Larsch
Bodo Möller [Wed, 2 Mar 2005 20:22:58 +0000 (20:22 +0000)]
Take MDC2 patent into account.
Bodo Möller [Wed, 2 Mar 2005 20:11:31 +0000 (20:11 +0000)]
In addition to RC5, also exclude MDC2 from compilation unless
the algorithm is explicitly requested.
Bodo Möller [Tue, 22 Feb 2005 10:29:51 +0000 (10:29 +0000)]
Change ./Configure so that certain algorithms can be disabled by default.
This is now the case for RC5.
As a side effect, the OPTIONS in the Makefile will usually look a
little different now, but they are essentially only for information
anyway.
Lutz Jänicke [Sat, 19 Feb 2005 10:26:18 +0000 (10:26 +0000)]
Fix typo on blowfish manual page
PR: 1010
Submitted by: Marc Balmer <mbalmer@openbsd.org>
Lutz Jänicke [Sat, 19 Feb 2005 10:19:07 +0000 (10:19 +0000)]
Fix hang in EGD/PRNGD query when communication socket is closed
prematurely by EGD/PRNGD.
PR: 1014
Submitted by: Darren Tucker <dtucker@zip.com.au>
Dr. Stephen Henson [Mon, 14 Feb 2005 21:53:24 +0000 (21:53 +0000)]
Fix possible memory leak.
Andy Polyakov [Sun, 6 Feb 2005 13:43:02 +0000 (13:43 +0000)]
Remove unused assembler modules.
Andy Polyakov [Sun, 6 Feb 2005 13:23:34 +0000 (13:23 +0000)]
This patch was "ignited" by OpenBSD 3>=4 support. They've switched to ELF
and GNU binutils, but kept BSD make... And I took the opportunity to
unify other targets to this common least denominator...
Andy Polyakov [Sun, 6 Feb 2005 13:20:23 +0000 (13:20 +0000)]
Reliable BSD-x86-elf detection in ./config.
Andy Polyakov [Sun, 6 Feb 2005 13:18:40 +0000 (13:18 +0000)]
Make Makefile.shared BSD make-friendly, remove more redundant -lc, set up
OBJECT_MODE for AIX.
Andy Polyakov [Sun, 6 Feb 2005 13:15:21 +0000 (13:15 +0000)]
Make util/shlib_wrap.sh [Open]BSD-friendly.
Andy Polyakov [Sun, 6 Feb 2005 13:10:23 +0000 (13:10 +0000)]
Mention no-sse2 option in INSTALL note.
Dr. Stephen Henson [Sat, 5 Feb 2005 17:22:14 +0000 (17:22 +0000)]
In mkdef.pl ignore trailing whitespace in #ifdef lines
Andy Polyakov [Thu, 3 Feb 2005 22:40:40 +0000 (22:40 +0000)]
Drop redundant -lc from a number of rules in Makefile.shared. It's
perfectly safe [compiler driver adds it] and in some situation even
perfectly appropriate [mixing -pthread and -lc on FreeBSD can have
lethal effect on apps/openssl]. I'd say we should get rid of more,
but I remove those I can test myself...
Andy Polyakov [Thu, 3 Feb 2005 10:19:59 +0000 (10:19 +0000)]
Shut whiny make's up.
Andy Polyakov [Tue, 1 Feb 2005 23:48:37 +0000 (23:48 +0000)]
Address run-time linker problems: LD_PRELOAD issue on multi-ABI platforms
and SafeDllSearchMode in Windows.
Submitted by: Richard Levitte
Richard Levitte [Thu, 27 Jan 2005 11:42:28 +0000 (11:42 +0000)]
The first argument to load_iv should really be a char ** instead of an
unsigned char **, since it points at text.
Thanks to Nils Larsch <nils.larsch@cybertrust.com> for pointing out
the inelegance of our code :-)
Richard Levitte [Thu, 27 Jan 2005 10:59:36 +0000 (10:59 +0000)]
Oops, == should really be = when used with test ([ and ]).
I guess I use bash too much...
Thanks to Peter Sylvester <Peter.Sylvester@edelweb.fr> for pointing it
out to me.
Richard Levitte [Thu, 27 Jan 2005 01:49:25 +0000 (01:49 +0000)]
Check for errors from EVP_VerifyInit_ex(), or EVP_VerifyUpdate might
cause a segfault... This was uncovered because EVP_VerifyInit() may fail
in FIPS mode if the wrong algorithm is chosen...
Richard Levitte [Thu, 27 Jan 2005 01:47:31 +0000 (01:47 +0000)]
Get rid if the annoying warning
Richard Levitte [Wed, 26 Jan 2005 23:51:20 +0000 (23:51 +0000)]
The mix of CFLAGS and LDFLAGS is a bit confusing in my opinion, and
Makefile.shared was a bit overcomplicated.
Make the shell variables LDFLAGS and SHAREDFLAGS in Makefile.shared
get the values of $(CFLAGS) or $(LDFLAGS) as appropriate depending on
the value the shell variables LDCMD and SHAREDCMD get. That leaves
much less chance of confusion, since those pairs of shell variables
always are defined together.
Andy Polyakov [Wed, 26 Jan 2005 19:58:15 +0000 (19:58 +0000)]
Respect the fact that most interactive shells don't restore stty settings
and make it work in non-interactive mode...
Andy Polyakov [Tue, 25 Jan 2005 22:09:11 +0000 (22:09 +0000)]
Please BSD make...
Andy Polyakov [Tue, 25 Jan 2005 22:07:22 +0000 (22:07 +0000)]
FreeBSD 5 refuses to #include <malloc.h>. Fix compiler warning after
http://cvs.openssl.org/chngview?cn=12843.
Andy Polyakov [Mon, 24 Jan 2005 15:58:25 +0000 (15:58 +0000)]
./Configure to respect $thread_cflag variable.
Andy Polyakov [Mon, 24 Jan 2005 14:38:14 +0000 (14:38 +0000)]
Fold a bunch of linux and *BSD targets into [linux|BSD]-generic[32|64].
Idea is to provide unified "fall-down" case for all rare platforms out
there. ./config is free to enable some optimizations, such as endianness
specification, specific -mcpu flags...
Andy Polyakov [Mon, 24 Jan 2005 14:22:05 +0000 (14:22 +0000)]
Default to AES u32 being unsinged int and not long. This improves cache
locality on 64-bit platforms (and fixes IA64 assembler-empowered build:-).
The choice is guarded by newly introduced AES_LONG macro, which needs
to be defined only on 16-bit platforms which we don't support (not that
I know of). Meaning that one could as well skip long option altogether.
Andy Polyakov [Mon, 24 Jan 2005 14:14:53 +0000 (14:14 +0000)]
Improve ECB performance (48+14*rounds -> 18+13*rounds) and reserve for
hand-coded zero-copy AES_cbc_encrypt.
Andy Polyakov [Fri, 21 Jan 2005 10:32:57 +0000 (10:32 +0000)]
linux-arm target update.
PR: 991
Andy Polyakov [Thu, 20 Jan 2005 17:00:14 +0000 (17:00 +0000)]
linux-parisc update.
PR: 990
Submitted by: Mike Frysinger <vapier@gentoo.org>
Andy Polyakov [Thu, 20 Jan 2005 10:33:37 +0000 (10:33 +0000)]
Bug-fix in CBC encrypt tail processing and commentary section update.
Richard Levitte [Wed, 19 Jan 2005 17:03:07 +0000 (17:03 +0000)]
Apparently, at least with my VMS C environment, defining _XOPEN_SOURCE
gets _POSIX_C_SOURC and _ANSI_C_SOURCE defined, which stops u_int from
being defined, and that breaks havock into the rest of the standard
headers... *sigh*
Richard Levitte [Tue, 18 Jan 2005 16:46:02 +0000 (16:46 +0000)]
Small thing. It seems like we have to defined _XOPEN_SOURCE to get
isascii() on DEC/Compaq/HP C for VMS.
Andy Polyakov [Tue, 18 Jan 2005 01:04:41 +0000 (01:04 +0000)]
Throw in AES CBC assembler, up to +40% on aes-128-cbc benchmark.
Andy Polyakov [Tue, 18 Jan 2005 00:46:55 +0000 (00:46 +0000)]
Fix a typo in a.out assembler modules.
Andy Polyakov [Tue, 18 Jan 2005 00:43:32 +0000 (00:43 +0000)]
Reserve for AES CBC assembler implementation...
Andy Polyakov [Tue, 18 Jan 2005 00:26:52 +0000 (00:26 +0000)]
Don't zap AES CBC IV, when decrypting truncated content in place.
Richard Levitte [Mon, 17 Jan 2005 17:06:58 +0000 (17:06 +0000)]
Changes concering RFC 3820 (proxy certificates) integration:
- Enforce that there should be no policy settings when the language
is one of id-ppl-independent or id-ppl-inheritAll.
- Add functionality to ssltest.c so that it can process proxy rights
and check that they are set correctly. Rights consist of ASCII
letters, and the condition is a boolean expression that includes
letters, parenthesis, &, | and ^.
- Change the proxy certificate configurations so they get proxy
rights that are understood by ssltest.c.
- Add a script that tests proxy certificates with SSL operations.
Other changes:
- Change the copyright end year in mkerr.pl.
- make update.
Dr. Stephen Henson [Fri, 14 Jan 2005 17:52:24 +0000 (17:52 +0000)]
PKCS7_verify() performance optimization. When the content is large and a
memory BIO (for example from SMIME_read_PKCS7 and detached data) avoid lots
of slow memory copies from the memory BIO by saving the content in a
temporary read only memory BIO.
Andy Polyakov [Fri, 14 Jan 2005 16:25:36 +0000 (16:25 +0000)]
INSTALL.DJGPP sync.
PR: 989
Andy Polyakov [Thu, 13 Jan 2005 15:46:09 +0000 (15:46 +0000)]
Rely on e_os.h to appropriately define str[n]casecmp in non-POSIX
environments.
Andy Polyakov [Thu, 13 Jan 2005 15:35:44 +0000 (15:35 +0000)]
"Monolithic" x86 assembler replacement for aes_core.c. Up to +15% better
performance on recent microarchitectures.
Andy Polyakov [Thu, 13 Jan 2005 15:25:30 +0000 (15:25 +0000)]
Fix an "oops" typo! Well, it was a debugging left-over...
Andy Polyakov [Thu, 13 Jan 2005 15:20:42 +0000 (15:20 +0000)]
O_NOFOLLOW is not appropriate when opening /dev/* entries on Solaris.
PR: 998
Richard Levitte [Wed, 12 Jan 2005 16:40:48 +0000 (16:40 +0000)]
Small typo, `mask' got the same value ORed to it twice instead of
`mask' and `emask' getting that operation done once each.
Patch supplied by Nils Larsch <nils.larsch@cybertrust.com>
Richard Levitte [Wed, 12 Jan 2005 09:53:20 +0000 (09:53 +0000)]
Correct a faulty address assignment, and add a length check (not
really needed now, but may be needed in the future, who knows?).
Andy Polyakov [Sun, 9 Jan 2005 20:42:33 +0000 (20:42 +0000)]
FAQ update to mention no-sha0 as possible workaround for Tru64 compiler bug.
Well, no-options seem to be busted in HEAD currently, which should/will be
fixed one way or another (see PR#989 for a possible alternative).
Andy Polyakov [Sun, 9 Jan 2005 20:14:04 +0000 (20:14 +0000)]
DJGPP documentation note update.
Andy Polyakov [Sun, 9 Jan 2005 16:01:58 +0000 (16:01 +0000)]
Permit "monolithic" AES assembler implementations, i.e. such which would
replace *whole* aes_core.c, not only AES_[de|en]crypt routines.
Andy Polyakov [Tue, 4 Jan 2005 10:28:38 +0000 (10:28 +0000)]
DJGPP update.
PR: 989
Submitted by: Doug Kaufman
Andy Polyakov [Fri, 31 Dec 2004 00:00:05 +0000 (00:00 +0000)]
Borrow #include <string[s].h> from e_os.h.
Andy Polyakov [Thu, 30 Dec 2004 23:40:31 +0000 (23:40 +0000)]
Make whiny compilers stop complaining about missing prototype.
Andy Polyakov [Thu, 30 Dec 2004 22:55:28 +0000 (22:55 +0000)]
Fix Win32 test-suit.
Andy Polyakov [Thu, 30 Dec 2004 11:10:11 +0000 (11:10 +0000)]
Remove naming conflict between variable and label.
Andy Polyakov [Thu, 30 Dec 2004 10:55:02 +0000 (10:55 +0000)]
Commentary update for AES IA-64 assembler module.
Andy Polyakov [Thu, 30 Dec 2004 10:46:03 +0000 (10:46 +0000)]
Minor AES x86 assembler tune-up.
Andy Polyakov [Thu, 30 Dec 2004 10:43:33 +0000 (10:43 +0000)]
AES-CFB[18] 2x optimization. Well, I bet nobody cares about AES-CFB1
performance, but anyway...
Dr. Stephen Henson [Wed, 29 Dec 2004 01:07:14 +0000 (01:07 +0000)]
Prompt for passphrases for PKCS12 input format
Andy Polyakov [Tue, 28 Dec 2004 17:10:42 +0000 (17:10 +0000)]
Oops-kind typos in aes-ia64.S...
Richard Levitte [Tue, 28 Dec 2004 10:35:13 +0000 (10:35 +0000)]
iv needs to be const because it sometimes takes it's value from a
const.
Richard Levitte [Tue, 28 Dec 2004 10:22:00 +0000 (10:22 +0000)]
Forgot to synchronise the VMS build scripts.
Richard Levitte [Tue, 28 Dec 2004 00:21:35 +0000 (00:21 +0000)]
Add functionality needed to process proxy certificates.
Andy Polyakov [Mon, 27 Dec 2004 21:27:46 +0000 (21:27 +0000)]
Minor cygwin update.
PR: 949
Andy Polyakov [Mon, 27 Dec 2004 14:59:36 +0000 (14:59 +0000)]
As new major IRIX release is highly unlikely to appear [and break following],
I change from -notall to -none synonym in irix rules to improve backward
compatibility with IRIX 5.x.
PR: 987
Andy Polyakov [Mon, 27 Dec 2004 14:57:54 +0000 (14:57 +0000)]
Remove CPU detect for IRIX targets. Performance gain is less than 1%,
it makes more sense to strive for broader binary compatibility...
Andy Polyakov [Sun, 26 Dec 2004 13:05:40 +0000 (13:05 +0000)]
Remove yet another redundant memcpy. Not at least performance critical,
essentially cosmetic modification...
Andy Polyakov [Sun, 26 Dec 2004 12:31:37 +0000 (12:31 +0000)]
Eliminate redundant memcpy of IV material. Performance improvement varies
from platform to platform and can be as large as 20%.
Andy Polyakov [Sun, 26 Dec 2004 10:58:39 +0000 (10:58 +0000)]
Engage AES x86 assembler module for COFF and a.out targets.
Andy Polyakov [Thu, 23 Dec 2004 21:44:28 +0000 (21:44 +0000)]
Engage AES x86 assembler module on ELF platforms.
Andy Polyakov [Thu, 23 Dec 2004 21:43:25 +0000 (21:43 +0000)]
x86 perlasm update to accomodate aes-586.pl.
Andy Polyakov [Thu, 23 Dec 2004 21:40:23 +0000 (21:40 +0000)]
Eliminate copies of TeN and TdN, use those found in assembler module.
Andy Polyakov [Thu, 23 Dec 2004 21:32:34 +0000 (21:32 +0000)]
AES x86 assembler implementation.
Andy Polyakov [Mon, 20 Dec 2004 13:44:34 +0000 (13:44 +0000)]
Refine PowerPC platform support.
Dr. Stephen Henson [Mon, 20 Dec 2004 00:49:36 +0000 (00:49 +0000)]
Remove unused buffer 'buf'.
Dr. Stephen Henson [Sun, 19 Dec 2004 01:21:18 +0000 (01:21 +0000)]
Don't use multiple storage types.
Geoff Thorpe [Fri, 17 Dec 2004 05:42:00 +0000 (05:42 +0000)]
Fix typos in the ecparam doc.
Submitted by: Nils Larsch
Richard Levitte [Mon, 13 Dec 2004 22:57:39 +0000 (22:57 +0000)]
make update (oops, missed this file)
Richard Levitte [Mon, 13 Dec 2004 22:57:08 +0000 (22:57 +0000)]
Change libeay.num so it's synchronised with additions in 0.9.7-stable.
make update
Dr. Stephen Henson [Mon, 13 Dec 2004 18:02:23 +0000 (18:02 +0000)]
Fix s_client so it works without a certificate again.
Richard Levitte [Mon, 13 Dec 2004 17:28:44 +0000 (17:28 +0000)]
Propagate a few more variables to Makefile.shared when linking
programs.
Dr. Stephen Henson [Sun, 12 Dec 2004 13:15:49 +0000 (13:15 +0000)]
Remove duplicate lines.
Andy Polyakov [Fri, 10 Dec 2004 11:24:42 +0000 (11:24 +0000)]
Solaris x86 perlasm update.
Andy Polyakov [Thu, 9 Dec 2004 15:39:55 +0000 (15:39 +0000)]
Engage SHA1 IA64 assembler on IA64 platforms.
Dr. Stephen Henson [Thu, 9 Dec 2004 13:35:06 +0000 (13:35 +0000)]
Automatically mark the CRL cached encoding as invalid when some operations
are performed.